Commit Graph

94 Commits (aa2c3118e3f5972b8b0cfe11139e0ba9f0db1b76)

Author SHA1 Message Date
Victor Julien fc248ca7a1 Many small performance updates. 15 years ago
Victor Julien 57b098e98c Add padding to commonly used data structures. 15 years ago
Pablo Rincon 5c43db85ce Drop streams on inline mode when a drop rule match from a reassembled stream and/or app layer inspection 15 years ago
Pablo Rincon 70bda6506d Fix for bug 180 (check proto specified at the IP hdr) 15 years ago
Victor Julien 1fb11e939a Improve configure messages. Make sure CUDA doesn't try to process packets that are too big. 15 years ago
Victor Julien e14331cbb2 Fix PACKET_RECYCLE not cleaning all of the packet. 15 years ago
Victor Julien 3c1ae607cf Fix cuda compilation. 15 years ago
Anoop Saldanha 33f4beb0bc batching of packets support for cuda b2g mpm. Supported for both 32 and 64 bit platforms 15 years ago
Victor Julien 017b95f9ef More thoroughly cleanup a Packet when we recycle it. Fixes a corner case where we'd have an invalid tcp packet but p->proto would still say IPPROTO_TCP because of a previous run. Fixes bug #187. 15 years ago
Victor Julien 580b09c2b8 Make sure we inspect all outstanding reassembled stream chunks (smsg) if the stream is shutting down. Make sure to do inspect signatures that use dsize against the tcp packet payload, even if that payload was already added to the stream. Likewise, the dsize signatures are not inspected against the reassembled stream. 15 years ago
Victor Julien a3ff0e7210 Don't scan TCP packet payload if it was added to the stream. Inspect the tcp stream with the correct packet. Should fix #184 and #185. 15 years ago
Pablo Rincon eed0ef6e69 Adding tag keyword support 15 years ago
Victor Julien 6519a86ec7 Move packet pool to ringbuffer, update packet pool api and ringbuffer api. Remove memset usage from PACKET_RECYCLE, add proper cleanup macros. 15 years ago
Victor Julien 37442a8a84 Prefilter signatures before fully scanning them. 15 years ago
Pablo Rincon 8cc525c939 UDP support at AppLayer message handling 15 years ago
Victor Julien fdd0f3939e Reduce size of event bit array in the packet structure. 15 years ago
Anoop Saldanha f4120ff5d5 wrap multi line macros in do while 15 years ago
William Metcalf 2eef905c07 GPL and Copyright header updates. 15 years ago
Victor Julien b8641f300d Rename asn1 files, fix an invalid free, fix improper init of vars in one unittest. 15 years ago
Pablo Rincon 3fa3229e01 ASN1 decoder and keyword implementation 15 years ago
Victor Julien bb685751d9 Fix NFQ receive/verdict race condition in cases where the packetpool is empty. 15 years ago
Victor Julien e741bd0202 Cleanup packet recycling code. Fix issues in the packet tunnel/pseudo code. 15 years ago
Victor Julien 19584d0416 Fix tunneled and defrag reassembled packets with the new pending limits. 15 years ago
Victor Julien 46831e0f8f Fix signature grouping bug for protocols without ports. Add debugging code. 15 years ago
Victor Julien 7a427ec7f4 Switch to pattern id based results checking in the mpm. Move app layer proto detection towards a more signature based approach. 15 years ago
Victor Julien a372c1d14e Fix/workaround a strange detection issue. 15 years ago
Pablo Rincon 1238668961 Adding actions order and support for rule action "pass" 15 years ago
Victor Julien b90ebc1ce5 Add a packet count var for pcap file mode to the Packet structure to ease debugging. 15 years ago
William Metcalf ce01927515 Import of GPLv2 Header 050410 15 years ago
Victor Julien be5b547803 Convert DecodeSetNoPayloadInspectionFlag and DecodeSetNoPacketInspectionFlag to macros. 15 years ago
Victor Julien fe7ece997a Different approach to the reference keyword. Lots of cleanups, bug fixes in reference keyword code and tests. 15 years ago
Breno Silva 89baf93a40 Reference Support 15 years ago
Victor Julien dd846c9b0e Remove all search code from the pattern matchers, cleanup mpm api, remove unused http code, more cleanups. 15 years ago
Anoop Saldanha 8cf60d6645 Changed the way cuda dispatcher passes back results. Now each detection thread has its own queue to which the dispatcher can pump packets back to the detect thread. Also, with cuda enabled and a non-cuda mpm being used, we won't create a dispatcher and instead call the b2g scan/search functions directly instead of using the dispatcher. 15 years ago
Anoop Saldanha c26e92733d handle the cuda cleanup at shutdown. should get rid of any errors from the call to SigGroupCleanup 15 years ago
Anoop Saldanha 41e6735b92 mpm b2g cuda support added 15 years ago
Breno Silva b02bb6b6b4 VLAN Support 15 years ago
Jason Ish e87d4f8a28 Split the defrag counters into ipv4 and ipv6. 15 years ago
Jason Ish 6b562f7aa6 Issue 82 - fragment counters.
- number of fragments
- number reassembled
- number of timeouts
15 years ago
Pierre Chifflier 4515ae13e4 Add Prelude output plugin
Add support for reporting alerts to the Prelude SIEM system, using
libprelude to send IDMEF (RFC4765) messages.

Each message contains the alert description and reference (using
the SID/GID), and a normalized description (assessment, impact,
sources etc.)

libprelude handles the connection with the manager (collecting component),
spooling and sending the event asynchronously. It also offers transport
security (using TLS and trusted certificates) and reliability (events
are retransmitted if not sent successfully).

This module requires a Prelude profile to work (see man prelude-admin
and the Prelude Handbook for help).

Signed-off-by: Pierre Chifflier <chifflier@edenwall.com>
15 years ago
Pablo Rincon 51dc773eec Changing the verdict actions to flags to allow simultaneous verdict 15 years ago
Jason Ish 7d920a1254 Fix issue 65.
- Update unit test to trigger the failure found in the issue 65 pcap.
- Increase pkt buffer to account for the IPv6 header, as a maximum
  size IPv6 datagram is 40 + 0xffff.
- Account for IPv4 header when checking where end of fragment lies.
- Second sanity check during re-assembly to check for writing past
  the end of the pkt buffer.
15 years ago
Jason Ish 5076452707 Potential fix for issue 60.
- Increase the packet buffer so it can hold the link header when we
  have maximum size IP datagrams.
- Fix ip header length and pkt length calculation for re-assembled
  packets.
15 years ago
Eric Leblond db2d483d11 convert action_type to enum
This patch converts packet action type to an enum. This will
provide some facilities and ease bad value detection by gcc.
15 years ago
William Metcalf 8a64321340 raw pcap support additional ipv4/6 validation 15 years ago
Victor Julien 9b90c553b5 Clean ip fields from packet as well when the packet is reused. Prevents issues with malformed packets that are rejected by the decoders before ipaddresses are set. 15 years ago
Victor Julien 9ececacda3 Fix packet timestamp handling for encapsulated packets. 15 years ago
Anoop Saldanha bc4df59414 Support for Classtype keyword and Classification Config file 15 years ago
Victor Julien 10cc9d5b6a Add icmp flow handling. 15 years ago
Victor Julien a8116f65c8 Fix packet flags field not being cleared properly when the packet is being reused. Add some debug statements and cleanup some. 15 years ago